Credentialing method and apparatus for facility access

ABSTRACT

A credentialing method and apparatus for facility access. The apparatus can include a system that includes one or more BLE beacons located within proximity to a facility, where one or more of the beacons identifies a location or other information unique to its proximity to the facility. The apparatus can further include an eBadge used by a person seeking access to the facility. The eBadge can also in some embodiments be a BLE beacon. Interaction between the one or more BLE beacons, a credentialing provider&#39;s app operating on the person&#39;s mobile device, and the person&#39;s eBadge operate in the system to perform a method of controlled access to the facility. In some embodiments, administrators with access to the credentialing provider&#39;s app also can control, monitor, report, and observe details concerning such facility access.

TECHNICAL FIELD

Embodiments of the subject matter disclosed herein generally relate tomethods and systems for ensuring that only entities (whether they bepersons or things) that meet pre-set criteria are allowed to enter anenvironment that could be compromised by an entity entering thatenvironment that does not meet the pre-set criteria. In this regard, oneembodiment of the present invention is directed to vendor credentialing,where vendors desiring entry to heath care organizations must first meetcertain pre-set credentials before being allowed to enter that healthcare organization's facility.

DISCUSSION OF THE BACKGROUND

The modern-day explosion in population, disease, harmful substances,dangerous environments, contamination, and crime has given rise to thefield of credentialing, which generally concerns taking steps to ensurethat people and things are not allowed to go places or encounter thingsthey should not. One example is the health care field. There, a host ofenvironments exist in which it is important that only authorizedpersonnel and/or devices be allowed to interact in proximity to oneanother. In other words, only personnel and/or a device that meets acommon set of pre-established credentials will be allowed to interactwithin proximity to one another.

As one non-limiting example, take vendors (e.g., service or productproviders) who wish to enter a health care facility (e.g., a hospital,doctor's office, or emergency care facility) to sell, service, orotherwise offer their third-party offerings to the operators of thehealth care facility. In the past, these individuals may have beenallowed to enter the facility uninterrupted, without any admittancecriteria or standards. The health and safety risks associated with suchuninhibited or “free” access are obvious and, as such, are now oftenprohibited by federal, state, local, and/or best practices guidelines.

As referenced above, the process of controlling vendor access tofacilities is one form of credentialing. In the health care environment,one method of credentialing requires vendors to approach a designatedscreening representative at each health care facility the vendor visits,so that the screening representative can invoke that facility'sestablished protocol for deciding whether to allow the vendor access tothe facility. This method is disfavored due at least to its burden onpersonnel, necessary training, consequential front-office congestion,lack of contemporaneous access to updated and/or accurate vendor data,and the costs associated therewith.

Another credentialing option is for the health care facility to use theservices of an outside, third-party credentialing provider. Onewell-known and often- used provider is VCS, Inc.(https://www.symplr.com), also known as Symplr.

Credentialing providers require vendors to register with them so thatthe provider (instead of the health care facility) performs at least thesame credentialing the health care facility would, but the credentialingis done off-site from the health care facility and in a manner that eachindividual vendor's credentials are investigated, verified against thecredentials mandated by each pertinent/participating health carefacility, and stored for future use, updating, and network access atleast by the credentialing provider. After a vendor is approved foraccess to a particular facility, the credentialing providertraditionally gave the qualified/credentialed vendor a badge thattypically contained a bar code and possibly other identifyinginformation (such as a photograph), which the vendor used toauthenticate himself in two primary respects when entering aparticipating health care facility.

First, the bar code on the vendor's badge could be scanned at a kiosk orother scanning facility in the lobby of the health care facility. Thekiosk often was computer-implemented and possessed either local ornetworked access to a database maintained by the credentialing supplier,such that the kiosk used the bar code to identify the vendor and thenaccess and examine the associated vendor's credentials relative to thosemandated by the pertinent health care facility. Through thiscomputerized process, the kiosk either approved or denied the vendor'saccess to the health care facility. This approval process could alsoentail either the printing of an entrance sticker (to be worn by thevendor), open a locked door, or provide other authorized passage.

Second, as mentioned above, while the badge also may have provided photoidentification, in those instances in which the kiosk prints an entrancesticker, the kiosk could also print an additional code on the sticker.This additional code could provide opportunity for on-the-spotverification by facility personnel as an added security measure afterthe vendor had gained access to the facility.

More recently, some credentialing providers have started providingvendors with electronic badges as a substitute for the traditionalvendor badge and/or printed sticker. One such system and method isdescribed in U.S. Pat. No. 10,304,268, which is incorporated herein byreference.

In one such scenario, as an example, a vendor identifies (on acredentialing agent's website or via a smart phone application supportedby the credentialing agent) a location he wishes to visit and then sendsthe credentialing agent all the access requirements/credentialsnecessary for visiting that location. The credentialing agent theneither approves or disapproves the visit based at least upon acomparison between the vendor-provided credentials and the requisitecredentials the location previously supplied to the credentialing agent.(While other credentialing steps can be taken, the process ofcredentialing is well known and will be appreciated by those skilled inthe art.)

If access is approved, the vendor then travels to the location he wishes(and has been approved) to visit and, upon being within a predefineddistance of the location (such as one mile), the vendor activates thecredentialing provider's mobile application on the vendor's mobiledevice to execute a “check-in” procedure. The check-in procedure willonly proceed if the vendor is within the requisite distance of thedesired location, as determined by the GPS and mapping functionality ofthe vendor's mobile device. As part of the check-in procedure, themobile application establishes an electronic (such as Bluetooth)connection between the vendor's mobile device and the vendor'selectronic badge to update the badge's display to indicate that thevendor has been given permission to access the location (assuming suchpermission is still available/authorized), such as displaying a facialphoto of the vendor and some sort of “access permitted” designation. Byvisibly wearing the electronic badge throughout the vendor's visit,facility personnel are assured that the vendor is an “authorized”visitor. A “check-out” procedure likewise can be invoked if the mobiledevice detects that the vendor has travelled outside one or more virtualboundaries associated with the facility and/or the vendor has exceeded apre-designated time within the virtual boundaries. The check-outprocedure will likewise update the vendor's electronic badge to displaysome sort of “access expired” designation, which is also visible tofacility personnel.

Problems abound with these prior art credentialing processes. Kiosks areexpensive to install and maintain, whether by the health care facilityor a credentialing provider. Likewise, the computer hardware implementedby the kiosk often quickly becomes outdated, lacks software updates, issusceptible to network interruptions or outages, and/or becomesincompatible with hardware updates at the health care facility or thecredentialing provider. Likewise, if a vendor loses his printed/paperbadge, he either must endure the disruption of being denied access whilehe acquires a new badge, or he might circumvent the health carefacility's vendor entry requirements, thereby destroying the entirecredentialing process and the safeguards afforded thereby.

The GPS functionality employed by certain of these prior art systemsalso has inherent limitations that diminish the suitability ofcredentialing methods that employ that functionality. For example,locations/facilities that are close in proximity may not bedistinguishable using GPS functionality, such that a vendor's mobiledevice is unable to distinguish whether the vendor is at one locationversus another location, where the locations are geographicallyproximate one another. Nor is GPS functionality sometimes robust enoughto provide other useful data to the mobile device, such as addressinformation, location names, floor level, door number, and a host ofother location or other information important to the credentialing,entry, and exit processes. Nor can such functionality be used todistinguish altitudes, such as distinguishing between floors of amultistory building; and, obviously, it is susceptible to inaccuraciesin the GPS system, as well as the availability of cellular and/or WI-FIservice.

SUMMARY

The present invention addresses the disadvantages and drawbacks ofcurrent credentialed facility access and the apparatuses associatedtherewith. In one embodiment, the apparatus can include a system thatincludes one or more BLE beacons with one more BLE listening pointslocated within proximity to a facility, where one or more of the beaconsidentifies a location or other information unique to its proximity tothe facility. In some embodiments, the apparatus can further include aneBadge used by a person seeking access to the facility. The eBadge canalso in some embodiments be a BLE beacon. Interaction between the one ormore BLE beacons, a credentialing provider's app operating on theperson's mobile device, and the person's eBadge operate in the system toperform a method of controlled access to the facility. In someembodiments, administrators with access to the credentialing provider'sapp also can control, monitor, report, and observe details concerningsuch facility ingress, egress, and on-premise visit.

Variants of the present invention are possible and are within the scopeof this disclosure, whether expressly identified or not. For example,the credentialed access process could be carried out for people (orthings such as equipment, drugs, devices, etc.) other than vendors, andsuch credentialed access could be performed for any industry other thanthe health care industry.

BRIEF DESCRIPTION OF THE DRAWINGS

The accompanying drawings, which are incorporated herein and constitutea part of the specification, illustrate one or more embodiments and,together with the description, explain these embodiments. In thedrawings:

FIG. 1 is a high level workflow for one embodiment of the presentinvention;

FIG. 2 is a high level workflow for one embodiment of the arrival andpairing process;

FIG. 3A-3B is a workflow for one embodiment of a representative'sarrival at a facility;

FIG. 4A-4B is a workflow for one embodiment of a user observing arepresentative or vendor exhibiting non-compliant behavior; and

FIG. 5 is a workflow for one embodiment of a supply chain administrator.

DETAILED DESCRIPTION

The following description of the exemplary embodiments refers to theaccompanying drawings. The same reference numbers in different drawingsidentify the same or similar elements. The following detaileddescription does not limit the invention. Instead, the scope of theinvention is defined by the appended claims.

Reference throughout the specification to “one embodiment” or “anembodiment” means that a particular feature, structure or characteristicdescribed in connection with an embodiment is included in at least oneembodiment of the subject matter disclosed. Thus, the appearance of thephrases “in one embodiment” or “in an embodiment” (or variants thereof)in various places throughout the specification is not necessarilyreferring to the same embodiment. Further, the particular features,structures or characteristics may be combined in any suitable manner inone or more embodiments.

The present invention makes use of an electronic identification badge,or “eBadge”, which is a well-known device to those skilled in the art.An exemplary eBadge is Picolabel, manufactured by Mpicosys, the detailsof which can be found athttps://www.mpicosys.com/epaper-labels-picolabel-nfc-updated-no-battery-epaper-labels/.

In some embodiments the functional requirements of an exemplary eBadgeinclude one or more of the following: (1) the eBadge pairs with acredentialing agent's application (or “app”) to support encryptedcommunications between the vendor's user account and the eBadge; (2) theeBadge has a selectable Bluetooth Low Energy (“BLE”) beacon transmissionrate; (3) the paired eBadge receives and displays an image transmittedvia the credentialing agent's mobile application; (4) the eBadge has aninternal timer to track the duration of display; (5) the eBadge is ableto change its display to an expired state without interaction with thecredentialing agent's services; (6) the eBadge supports a motion sensorthat will wake the battery when movement is detected; (7) the eBadgeemits a BLE beacon for 24 hours after activation then ceases, unless thevendor is able to successfully reactivate via a subsequent check-in andsync event; (8) the eBadge is battery powered with the flowingcharacteristics: (a) the battery is user replaceable; (b) the battery iscommonly available for retail purchase (such as CR2032, AAA); and (c)the battery supports normal operations for one year before needingreplacement; and (9) the eBadge has compatibility with Samsung or otherAndroid(Android 5.0 or higher) and iPhone (iPhone 5 and above, iOS 9.0or above).

In some embodiments the physical requirements of an exemplary eBadgeinclude one or more of the following: (1) support of a 4.01 inch N-colore-Ink display (iAB1024-DOB) in portrait orientation; (2) weigh no morethan 85 grams or 3 ounces; (3) be no more than 0.5 inches at itsthickest point; (4) be able to be worn via an attachable lanyard; and(5) employ a casing able to display registered markings for performanceand quality testing.

In some embodiments the performance and reliability requirements of anexemplary eBadge include one or more of the following: (1) able tooperate in a temperature range of 20 to 130 degrees Fahrenheit; (2)protect from foreign objects and substances up to a 5.4 IP rating(partial protection against dust that may harm equipment), protectionagainst low-pressure jets (6.3 mm) of directed water from any angle, andlimited ingress permitted with no harmful effects; (3) durable and ableto withstand impacts up to 6 feet to a concrete floor; and (4) able toresist scratching up to 3H on Mohs hardness scale.

In some embodiments the security requirements of an exemplary eBadgeinclude one or more of the following: (1) a mechanism to identifywhether the eBadge is supplied by the credentialing provider with aunique identifier, which has to be provided to the credentialingprovider by the manufacturer; (2) a mechanism to identify whether thebeacon eBadge is supplied by the credentialing provider with a uniqueidentifier, which has to be provided to the credentialing provider bythe manufacturer; (3) support PKI infrastructure where the credentialingprovider keeps the private key, and the public key is imprinted in theeBadge; (4) the credentialing provider provides an OAuth2.0 API toobtain the public key for each badge (private-public key pair will begenerated by the credentialing provider and against a provided badgeunique identifier); (5) a possibility to set the certificate or keyprovided by the credentialing provider in the factory for each eBadgedevice separately for further communication (eBadge writing and timeclock synchronization); (6) the public key/certificate should not beread from the eBadge device by any means; (7) only the credentialingprovider should be able to write into the eBadge device display and theeBadge should decrypt the message before writing badge to display; (8)only the credentialing provider should be able to synchronize the clockin the eBadge device and the eBadge should decrypt information beforesynchronizing the clock; (9) a provision to pass appointment expirydetails along with digital badge image as an encrypted message and theeBadge device should take the data after decrypting; and (10) anintegrated circuit program which keeps track of the expiry time andmanages badge state change in a secure way, which should not expose anycredential or introduce any vulnerability for writing into the badge tothe outside world.

In addition to an eBadge, the present invention also makes use of one ormore BLE beacons, which are well known to those skilled in the art. Anexemplary BLE beacon is Zebra Bluetooth Bridges, manufactured by Zebra,the details of which can be found athttps://www.zebra.com/us/en/products/spec-sheets/location-technologies/bluetooth-beacons/mb5000-mb6000.html.As explained above, BLE stands for Bluetooth Low Energy. Bluetooth LowEnergy is a form of wireless communication designed especially forshort-range communication. BLE is similar to Wi-Fi in the sense that itallows devices to communicate with each other. However, BLE typically ismeant for situations where battery life is preferred over high datatransfer speeds. Most smart phones and tablets today are BLE compatible,which means they can seamlessly communicate with Bluetooth enabledwireless headphones, digital signage, car stereos, fitness trackers,smart watches, and hardware devices like beacons.

BLE data transfer is essentially one-way communication. Consider as anexample BLE beacons trying to communicate with a smart phone in closeproximity—a Bluetooth Low Energy beacon device broadcasts packets ofdata at regular intervals of time. These data packets are detected by anapp or other pre-installed services on nearby smart phones. This BLEcommunication triggers actions such as pushing a message to the smartphone screen. Other actions are described in more detail below, butsuffice it to say that the actions can be anything the app or otherpre-installed service is designed to support/implement.

To save energy and provide higher data transfer speed, the entire BLEcommunication framework consists of 40 frequency channels, separated by2 MHz. Three of these channels are the primary advertisement channels,while the remaining 37 channels are secondary channels, also known asdata channels. The Bluetooth communication starts with the 3 primaryadvertisement channels and then offloads to the secondary channels.

BLE beacons, as the name suggests are beacons that communicate viaBluetooth Low Energy. Beacon devices are small radio transmitters,strategically mounted throughout locations, to broadcast low energyBluetooth signals in a given range. This range depends on hardwarecapability. On average, a beacon device can transmit BLE signals to 80meters.

As indicated above, this BLE signal from the beacon is capable oftriggering a specific action in a receiving device. This is accomplishedby the BLE beacon sending out an ID number via BLE channels,approximately 10 times every second. A Bluetooth-enabled device inproximity of the beacon picks up this ID number. When an app orpre-installed service like Google Nearby recognizes the ID number, itlinks the ID to an action, such as downloading an app, or piece ofcontent (maybe a marketing offer) stored on the cloud, which is thendisplayed on the smart phone.

In the case of the present invention, the ID number is (in oneembodiment) associated with a location of the BLE beacon. As such, theID number could designate a facility, such as a specific building, aspecific parking lot, a particular entrance, a door, a stairway, andarea of a facility, etc. It could also designate an address or any otherbit of information the user (in this case the credentialing providerand/or facility) chooses to assign to the ID number. As such, when avendor's smart phone detects a BLE beacon previously established by acredentialing provider, the beacon not only activates the credentialingprovider's app on the vendor's smart phone, but the app uses the BLEbeacon ID to determine exactly where the vendor is by referring to alookup table (or any other similar mechanism) that translates the beaconID to the information assigned to it by the credentialing provider.

Of note, and as also referenced above, eBadges also can be BLE beacons.As such, an eBadge can transmit an “ID” that identifies any informationabout the badge a credentialing provider chooses to associate with thatID. For example, consistent with embodiments of the present invention,the credentialing provider could associate information with a badge IDsuch as the name of the vendor assigned to that badge, his occupation,his employer, his photo, his age, his credentialing information, and/orany other information the credentialing provider chooses. In thismanner, anyone receiving an ID number from a vendor's eBadge/BLE beaconcan—assuming he has authority via the credentialing provider's app(which is within the scope of the present invention)—identify the vendorand be informed of whatever other information is associated with that IDnumber.

Likewise, assuming the credentialing vendor's app and associated systemstores the pertinent information (which is within the scope of thepresent invention), it also can be determined where the vendor islocated if the system stored the locations of the vendor's recentlyvisited BLE beacons. A map can even be generated to trace the travelpath of a vendor and/or that of all (or a subset thereof) of eBadgessupported by the credentialing provider. The credentialing provider caneven provide privileges to users so as to dictate the level ofinformational detail accessible by such users about the eBadges in use.

The use of eBadges and BLE beacons in various embodiments and in contextwith the present invention is further described below in connection withFIGS. 1-5 .

FIG. 1 illustrates an exemplary high-level workflow of one embodiment ofthe present invention. The workflow begins at step 100 and proceeds tostep 110, where arrival (to the vendor) and pairing (with thecredentialing service) of the eBadge occurs. There is a host ofwell-known ways in which a vendor might receive an eBadge, each of whichis within the scope of the present invention. In one embodiment, thevendor and the credentialing provider establish a relationship afterwhich the credentialing provider arranges for the shipment of an eBadgeto the vendor, after which the vendor pairs the eBadge with thecredentialing providers service (as described in more detail below).Next, at step 120 the Rep (or vendor) checks-in, i.e., the step in whichthe vendor checks in to the facility to which he desires access. Theworkflow progresses from step 120 to step 130, at which point the vendorcarries out his onsite activities at the facility, whatever they may be.Finally, step 140 symbolizes the Rep (or vendor) check-out procedure,which takes place after the vendor has concluded his on-site activities,his authorized time at the facility has expired, and/or he desires toexit (or has exited) the facility.

FIG. 2 illustrates exemplary detail for an embodiment of the arrival andpairing step 110 of FIG. 1 . Specifically, at step 200 a package is sentto a vendor that has subscribed to a credentialing provider's service.The package may have been ordered for delivery by the credentialingprovider or otherwise, such as by the vendor himself. As shown at step210, the package contains an unpaired, serialized eBadge supported bythe credentialing provider. At step 220, the vendor initiates pairing ofthe eBadge with the credentialing provider's mobile application. (Asstep 220 shows, data connectivity for the credentialing provider'smobile application is required at this step.) Those skilled in the artwill appreciate other methods and techniques of pairing, each of whichis within the scope of the present invention.

At step 230 of this particular embodiment, the credentialing provider'smobile application communicates with the eBadge via NFC so that the UIDof the eBadge can next be transmitted to the credentialing provider'sservices. At step 240 the eBadge UID and the vendor ID are registeredwith the credentialing provider's services. Finally, at step 250,activation, registration, and pairing of the eBadge is complete. As willbe apparent to those skilled in the art, this arrival and pairingprocess can include additional steps and need not necessarily includeall of the steps identified in FIG. 2 .

FIGS. 3A-3B illustrate an exemplary workflow for one embodiment of thepresent invention in which a vendor arrives at a facility he desires toaccess. The workflow begins at step 301. From step 301, the flow movesto step 302, where the vendor arrives within the vicinity of thefacility. If the vendor is within range of a facility level BLE beacon,as represented at step 303, the workflow moves to step 305, where thecredentialing application on the vendor's mobile device will (inresponse to receiving data from the facility level BLE beacon) messagethe vendor to begin the check-in procedure. If, however, the vendor isnot within range of the facility level BLE beacon, the credentialingapplication on the vendor's mobile device will message the vendor, asshown at step 304, that the vendor must be closer to the facility beforebeing able to initiate a check-in procedure. At that point flow returnsto step 303.

The check-in procedure is illustrated beginning at step 306. If thevendor declines to check-in, as illustrated at step 307, the workflowreturns to step 303. If, however, the vendor decides to affirmativelycheck-in, the workflow progresses to step 309 where the credentialingapplication on the vendor's mobile device determines whether the vendoris authorized for entry. As will be understood by those skilled in theart, such authorization can be based on a host of factors, such ascredentialing, facility authorization, etc. If the vendor is authorizedfor entry, the workflow progresses to step 318 where the credentialingapplication on the vendor's mobile device displays a check-in form forthe vendor to complete. If the vendor is not authorized for entry, theworkflow progresses to step 310 where the credentialing application onthe vendor's mobile device displays a message informing the vendor thathe is not permitted to check-in.

After displaying the deny-check-in message at step 310, the workflowmoves to step 311, where the vendor is given the option of reviewing andresolving his issue via a credentials list. Each facility has a uniqueset of requirements for access. When a vendor has not satisfied all ofthe requirements they will not be allowed to check-in. Examples includecompletion of health screenings and trainings, as well as reviewing andsigning policy documentation. Resolving any issues with these itemswould be required before engagement. At step 311, the vendor has twooptions. He can select an option to review his credentials at step 314(see FIG. 3B) or he can reach out to vendor support at step 312. At step312, the vendor has two options. He can select an option to reach out tovendor support via phone or live chat at step 315 (see FIG. 3B) or hecan reach out to the appropriate facility personnel at steps 313 and 316(see FIG. 3B) in an effort to override the prior denial of his access.In any of the cases after steps 314, 315, and/or 316, the workflow endsat step 317 (see FIG. 3B).

Returning to the case in which the vendor was permitted to check in atstep 309, the workflow continues to step 318 where the credentialingapplication on the vendor's mobile device displays a check-in form forthe vendor to complete. The vendor completes the check-in form at step319, at which point the credentialing application on the vendor's mobiledevice transfers content to the vendor's eBadge at step 320 (see FIG.3B). This content can be a variety of information in differentembodiments, which can include one or more of a photo image of thevendor, an “access permitted” notation, a colored background or otherdesignation indicating access is permitted, a timer of permitted access,and/or any other text, images, functions, or notations deemed useful fordisplay on the eBadge during the vendor's presence inside the facility.

At step 321, the eBadge display updates to an active view until it isdetermined, at step 322, whether the badge has expired. A badge mightexpire for a host of reasons known to those skilled in the art, such asthe expiration of a pre-designated time that the vendor is allowed onpremise, revocation of a vendor's credentials, contemporaneousinstructions from the facility or credentialing provider, the vendor'stravel/presence in an unauthorized location (as detected by another BLEbeacon in the facility), etc. If the eBadge expires, the workflow movesto step 323 at which point the eBadge display updates to an expiredview. The content of the expired view can be a variety of information indifferent embodiments, which can include one or more of the removal ofthe vendor's photo image, an “access expired” notation, a coloredbackground or other designation indicating access is denied/expired, anexpired timer of permitted access, and/or any other text, images,functions, or notations deemed useful for display on the eBadge todenote the fact that the vendor's access privileges have expired. Theworkflow then proceeds to step 317, at which point the process can beginagain at step 301.

FIGS. 4A-4B illustrate an exemplary workflow for one embodiment of thepresent invention in which a vendor or representative of a vendor isobserved exhibiting non-compliant behavior, i.e., behavior inconsistentwith the rules, regulations, best practices, procedures, etc. of thefacility being visited. It should be noted that vendor andrepresentative are at times used synonymously. A vendor is a genericname for an entity that seeks to sell something to someone, whereas arepresentative is the person/employee/rep of the vendor who actuallydoes the selling. Those of skill in the art will understand from contextwhen the two terms are used synonymously and when they are not.

The workflow of FIG. 4A begins at step 401 and moves to step 402, atwhich step a user (of the credentialing provider's app) observes avendor or representative exhibiting non-compliant behavior. This usercould be, for example, an employee of the facility the representative isvisiting. As this point, the user has the option of addressing thenon-compliant behavior in a number of manners, one being to log on tothe credentialing provider's app, as shown in step 403. At step 404 itmust be determined whether the user already knows the identity of theoffending vendor or representative. If so, the workflow proceeds to step416. If not, the workflow proceeds to step 405.

At step 405, the user navigates through the credentialing provider's appto the functionality that enables the user to display therepresentatives who are in BLE range of the user's mobile device. Recallthat each representative's eBadge can itself a BLE beacon and, as such,the user's mobile device (equipped with the credentialing provider'sapp) will be able to detect all such beacons within its BLE range. Atstep 406, the app displays all representatives in BLE range. At step407, the user selects a representative in BLE range in order to view, atstep 408, the account details of such representative. The accountdetails of a representative can include a photo of the representative,his name, address, employer, height, weight, credentials, and any otherdetail the credentialing provider may have collected and stored in thatrepresentative's account information. The user can use that informationat step 409 to assess whether the offending representative matches withthe representative being viewed on the credentialing provider's app. Ifthere is no match, the workflow proceeds to step 410, at which theworkflow proceeds back to step 406 to identify another representative inBLE range so as to thereafter assess (at steps 407-409) whether that isthe offending representative. If there is a match at step 409, theworkflow proceeds to step 411.

Step 411 illustrates the functionality of the credentialing provider'sapp that allows a user to select certain actions to take in response tothe representative's non-compliant behavior. Upon selecting an action,the credentialing provider's app generates/displays a representativereport form at step 412 (see FIG. 4B). The user completes and submitsthe report at step 413, which at least results in notification to thesupply chain at step 414, whether the supply chain be one or more of thecredentialing provider, facility management, facility security, vendor,representative, etc. The workflow thereafter ends at step 415.

Referring back to step 404 to the scenario in which the offendingvendor's or representative's identity is known. In that case, theworkflow proceeds to step 416 where a decision is made to report therepresentative. If the decision is made to report the representative,the workflow moves to step 417 where the user navigates to the detailpage for the representative and then to step 408 to complete theidentifying and reporting steps as previously described.

If, however, at step 416 the user decides not to report therepresentative, then the workflow continues to step 418, where adecision is made on whether to report the vendor. If the decision (bythe user) is made to not report the vendor, the workflow moves to step415 (see FIG. 4B) where the workflow ends. If the decision is made toreport the vendor, then the workflow moves to step 419, where the usernavigates to the detail page of the vendor as supplied by thecredentialing provider's app. The account details for the vendor arenext displayed at step 420. The account details of a vendor can includethe vendor's name, address, contact information, products sold,authority figures within the vendor's organization, representatives ofthe vendor and corresponding representative information as describedabove, and any other detail the credentialing provider may havecollected and stored in that vendor's account information.

Step 421 illustrates the functionality of the credentialing provider'sapp that allows a user to select certain actions to take in response tothe decision to report a vendor in light of non-compliant behavior by arepresentative. Upon selecting an action, the credentialing provider'sapp generates/displays a vendor report form at step 422. The usercompletes and submits the report at step 423, which at least results innotification to the supply chain at step 414 (see FIG. 4B), whether thesupply chain is one or more of the credentialing provider, facilitymanagement, facility security, vendor, representative, etc. The workflowthereafter ends at step 415.

FIG. 5 illustrates an exemplary workflow for one embodiment of thepresent invention in which a supply chain administrator processesreceipt of non-compliant behavior. The workflow begins at step 501 andmoves to step 502, where a decision is made as to whether or not areport of non-compliant behavior has been received. If a report has notbeen received, the workflow progresses to step 513, which is describedin below in more detail. If a report has been received, the workflowprogresses to step 503, where a push notification is displayed on thesupply chain administrator's mobile or desktop device as a result ofrunning the credentialing provider's app.

At step 504, the administrator opens the push notification received atstep 503. At step 505, the administrator navigates to the reportingfunctionality of the credentialing provider's app, which gives theadministrator a menu of reporting/responsive options, such as flaggingthe vendor and incident for discussion at a future business review withthe vendor, denying future entry of the vendor, determining the vendor'scurrent location, dispatching security to find the vendor, etc. Fromstep 505, the workflow progresses to step 506, where there is an optionfor the administrator to take immediate action. If immediate action isnot taken, the workflow proceeds to step 508. If immediate action istaken, the workflow proceeds to step 507, wherein the administratorselects the option to alert security and provide the last BLE locationof the offending eBadge. This portion of the workflow then ends at step512 after executing step 507.

If immediate action is not taken at step 506 and the workflow progresses(as indicated) to step 508, then at step 508 it is decided by theadministrator whether to flag the non-compliant behavior for businessreview conversation. If the decision is made to flag the event, theworkflow progresses to step 509 where the administrator selects anoption from the credentialing provider's app to flag the event forfuture business review conversation. If the decision is made to not flagthe event, then the workflow proceeds from step 508 to step 510. At step510, the administrator makes a decision on whether to deny access forthe offending representative and/or vendor going forward. If thedecision is made to deny access, the workflow progresses to step 511where the administrator selects an option from the credentialingprovider's app to deny access to a specific representative or vendorgoing forward. If the decision is made to not deny access, the workflowprogresses from step 510 to step 512 where this portion of the workflowends.

Returning step 502 where it is determined whether or not a report ofnon-compliant behavior has been received, as indicated above, theworkflow progresses to step 513 if it is determined that no report ofnon-compliant behavior has been received. At step 513, it is determinedwhether an eBadge BLE has been detected outside a specified department,i.e., in a location of the facility the vendor/representative is notauthorized to be. Such detection can be made in several manners. Forexample, a vendor/representative's app might detect a transmission fromBLE beacon located in a part of the facility the vendor/representativeis not authorized to access. In such instance, the app will record theinstance and report to one or more of at least the facility personneland/or the credentialing provider the fact that thevendor/representative has been located in an unauthorized location.

If no such detection is made, the workflow progresses from step 513 tostep 512 where this portion of the workflow ends. If such detection ismade, the workflow progresses from step 513 to step 514, where a pushnotification is displayed on the supply chain administrator's mobile ordesktop device as a result of running the credentialing provider's app.The administrator opens the push notification at step 515. At step 516,the administrator navigates to the details of the suspicious detection,such as the vendor is in an unauthorized location, the vendor loiters inan area he or she is not authorized for, or the vendor stays onsite pasthis or her authorized visitation. From step 516, the workflow progressesto step 506, where there is an option for the administrator to takeimmediate action. Thereafter, the workflow progresses as described abovewith respect to steps 506-512.

As indicated above, it should be understood that this description is notintended to limit the invention. On the contrary, the exemplaryembodiments are intended to cover alternatives, modifications andequivalents, which are included in the spirit and scope of the inventionas defined by the appended claims. Further, in the detailed descriptionof the exemplary embodiments, numerous specific details are set forth inorder to provide a comprehensive understanding of the claimed invention.However, one skilled in the art would understand that variousembodiments may be practiced without such specific details.

Although the features and elements of the present exemplary embodimentsare described in the embodiments in particular combinations, eachfeature or element can be used alone without the other features andelements of the embodiments or in various combinations with or withoutother features and elements disclosed herein.

This written description uses examples of the subject matter disclosedto enable any person skilled in the art to practice the same, includingmaking and using any devices or systems and performing any incorporatedmethods. The patentable scope of the subject matter is defined by theclaims, and may include other examples that occur to those skilled inthe art. Such other examples are intended to be within the scope of theclaims.

What is claimed is:
 1. A method of using a smart phone and an eBadge forfacility access, including the steps of: receiving a signal from a BLEbeacon, wherein the signal includes information associated with alocation of the BLE beacon; determining whether entry to the facility isauthorized; if entry to the facility is authorized, transferringdisplayable content from the smart phone to the eBadge indicating accessis authorized; determining whether entry to the facility is no longerauthorized; if entry to the facility is no longer authorized,transferring displayable content from the smart phone to the eBadgeindicating access is not authorized.
 2. The method of claim 1 furtherincluding the step of generating a message to begin a check-in procedurein response to receiving the BLE beacon signal and determining thatentry to the facility is authorized.
 3. The method of claim 2 whereinthe step of determining whether entry to the facility is authorizedincludes credentialing.
 4. The method of claim 3 further including thestep of performing a check-out procedure.
 5. The method of claim 4wherein the eBadge pairs with a credentialing agent's applicationinstalled on the smart phone to support communications between a useraccount and the eBadge.
 6. The method of claim 5 further including thestep of using the information associated with a location of the BLEbeacon in connection with the credentialing agent's applicationinstalled on the smart phone to determine where the BLE beacon islocated.
 7. The method of claim 6 wherein the check-out procedure isinitiated in response to receiving a signal from a BLE beacon.
 8. Themethod of claim 7 wherein the check-out procedure is initiated inresponse to receiving input from a user.
 9. The method of claim 8wherein the check-out procedure is initiated in response to anexpiration of a timer in the eBadge or smart phone.
 10. The method ofclaim 9 wherein the eBadge is programmed to include a unique identifier.11. The method of claim 10 wherein the step of determining whether entryto the facility is no longer authorized includes determining whether atime limit has expired.
 12. The method of claim 11 wherein the step ofdetermining whether entry to the facility is no longer authorizedincludes determining whether the eBadge has been detected in anunauthorized area.
 13. The method of claim 12 wherein the step ofdetermining whether entry to the facility is no longer authorizedincludes receiving information that a user of the eBadge has beenobserved exhibiting a non-compliant behavior.
 14. The method of claim 13wherein the step of determining whether entry to the facility is nolonger authorized includes using another smart phone to displayinformation associated with each eBadge within BLE range of the othersmart phone.
 15. The method of claim 14 wherein the eBadge is also a BLEbeacon.
 16. The method of claim 15 further including the step of theeBadge transmitting an ID number that identifies information about theeBadge.
 17. The method of claim 16 further including the step of theother smart phone receiving the ID number transmitted by an eBadge. 18.The method of claim 17 further including the step of storing a locationassociated with each BLE beacon from which a BLE beacon signal wasreceived.
 19. The method of claim 18 further including the step ofgenerating a map of a travel path based upon the location associatedwith one or more BLE beacons from which a BLE beacon signal wasreceived.
 20. The method of claim 19 wherein the credentialing agent'sapplication installed on the smart phone includes user privileges thatdictate a level of informational detail accessible concerning an eBadge.21. A smart phone programmed with an application installed thereon toperform a method including the steps of: receiving a signal from a BLEbeacon, wherein the signal includes information associated with alocation of the BLE beacon; determining whether entry to a facility isauthorized; if entry to the facility is authorized, transferringdisplayable content from the smart phone to an eBadge indicating accessis authorized; determining whether entry to the facility is no longerauthorized; if entry to the facility is no longer authorized,transferring displayable content from the smart phone to the eBadgeindicating access is not authorized.